 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
Car Forum / Antique and Collectibles / Studebaker / May 2005Stude.com forums
A hacker crashed most of my forums, not sure if I can afford to leep them up. I've been quoted $250 to fix the forums and make them secure, and $50 a month to maintain them. I'm thinking of asking for Paypal donations from those that use them, or I may have to drop them. Even if a few dozen kick in 5 or 10 bucks I can keep it going and apy the rest out of pocket. I guess I could put up a few paid vendor banners, just not sure what I'll do yet.  SignatureJP/Maryland Studebaker On the Net http://stude.com My Ebay items:http://www.stude.com/EBAY/ 64 R2 4 speed Challenger (Plain Wrapper) 63 R2 4 speed GT Hawk 55 Speedster 50 2R 10 truck I think there must be a "Studebaker" Hacker... Bondo's site, your site, NCSDC.com... I think someone got in, and deleted my index file... that's what put the NCSDC host's server down, then, they %&$% up the Front-Page server extensions.. If the Host company reloads the extensions, you lose all the info on the server. Luckily, I had backed up withing 2-3 weeks, and I don't change a whole lot week-to-week, just meet announcements, and meet reports. Maybe a few tech-pages. I'm backing up everything to my HD everytime I make a change, but it's a shame it has to be done... Ray > A hacker crashed most of my forums, not sure if I can afford to leep > them up. I've been quoted $250 to fix the forums and make them secure, [quoted text clipped - 3 lines] > out of pocket. I guess I could put up a few paid vendor banners, just > not sure what I'll do yet. Suddenly, there are more forums than time or interest.... But begging is so beneath you... Jeff "John Poulos" wrote... > A hacker crashed most of my forums, not sure if I can afford to leep > them up. I've been quoted $250 to fix the forums and make them secure, and [quoted text clipped - 3 lines] > I guess I could put up a few paid vendor banners, just not sure what I'll > do yet. I was thinking the same thing. I could go back to the old HTML format so I can maintain my own page with just my labor. > Suddenly, there are more forums than time or interest.... > But begging is so beneath you... [quoted text clipped - 9 lines] >>I guess I could put up a few paid vendor banners, just not sure what I'll >>do yet. SignatureJP/Maryland Studebaker On the Net http://stude.com My Ebay items:http://www.stude.com/EBAY/ 64 R2 4 speed Challenger (Plain Wrapper) 63 R2 4 speed GT Hawk 55 Speedster 50 2R 10 truck My forum became corrupt on Ga. Stude dot com, and I'm not going to re-build it. It's a lot of work, and I forgot how I got it started! If folks have an interest in posting, they can easily get to this group via Google, even if they can't get to it thru Outlook Express and their ISP. Dave Miller John, maybe the best solution, is to point people to the google news groups, and the SDC Forum. phpBB has become a very high maintainance system in the last 18 months. Not that a alot of the fault is theirs, but becuase of it's popularity, and flaws in the common underlying systems that it is built upon (php 4.3.4 and MySql have contributed a few of the better exploits to the phpBB code base in the last 18 months.) Paul. > A hacker crashed most of my forums, not sure if I can afford to leep > them up. I've been quoted $250 to fix the forums and make them secure, [quoted text clipped - 3 lines] > out of pocket. I guess I could put up a few paid vendor banners, just > not sure what I'll do yet. SignatureWTF is Oujdeivß? http://bible.crosswalk.com/Lexicons/Greek/grk.cgi?number=3762&version=kjv to contact me try Oudeis via softhome.net I'm thinking of doing that very thing, still pondering. > John, maybe the best solution, is to point people to the google news > groups, and the SDC Forum. [quoted text clipped - 15 lines] >> rest out of pocket. I guess I could put up a few paid vendor banners, >> just not sure what I'll do yet. SignatureJP/Maryland Studebaker On the Net http://stude.com My Ebay items:http://www.stude.com/EBAY/ 64 R2 4 speed Challenger (Plain Wrapper) 63 R2 4 speed GT Hawk 55 Speedster 50 2R 10 truck Can you trace the culprit? JT > A hacker crashed most of my forums, not sure if I can afford to leep > them up. I've been quoted $250 to fix the forums and make them secure, [quoted text clipped - 11 lines] > 55 Speedster > 50 2R 10 truck No, wish we could. We can trace a IP, but that's about it. When you have a open forum that allows attachments, someone will hack it. > Can you trace the culprit? > [quoted text clipped - 15 lines] >>55 Speedster >>50 2R 10 truck SignatureJP/Maryland Studebaker On the Net http://stude.com My Ebay items:http://www.stude.com/EBAY/ 64 R2 4 speed Challenger (Plain Wrapper) 63 R2 4 speed GT Hawk 55 Speedster 50 2R 10 truck > No, wish we could. We can trace a IP, but that's about it. That should narrow the field.... SignatureDave Lester Dave's Place Home of the Internationally Renowned Studebakers, 'Sheba and Goliath See pictures at www.davesplaceinc.com > > No, wish we could. We can trace a IP, but that's about it. > > That should narrow the field.... > -- > Dave Lester Heh heh... Indeed! JT My gut feeling is that the "culprit" ain't too distant. Cowardly action though... JT > No, wish we could. We can trace a IP, but that's about it. When you have > a open forum that allows attachments, someone will hack it. [quoted text clipped - 27 lines] > 55 Speedster > 50 2R 10 truck the aoai.org forum was hacked a few months ago in a similar manner. that forum is using the same php as stude.com. someone is surely getting their jolly's on screwing these up ( they must have a small... 4 cylinder rice burner) Jeff > Can you trace the culprit? > [quoted text clipped - 15 lines] >>55 Speedster >>50 2R 10 truck The hacker is probably proud of him(/her)self; and quite likely will brag about it; and apparently has some sort of Studebaker connection. So, let's keep our ears open and maybe we'll hear something. Maybe we'll get a chance to make a personal visit. I suspect it's some 15 year old, say in Romania, just crashing any sites he finds with a security hole, nothing to do with the content of the site. Many hackers crash sites written in a language they can't even read. > The hacker is probably proud of him(/her)self; and quite likely will brag > about it; and apparently has some sort of Studebaker connection. So, let's > keep our ears open and maybe we'll hear something. Maybe we'll get a chance > to make a personal visit. SignatureJP/Maryland Studebaker On the Net http://stude.com My Ebay items:http://www.stude.com/EBAY/ 64 R2 4 speed Challenger (Plain Wrapper) 63 R2 4 speed GT Hawk 55 Speedster 50 2R 10 truck You sell any cars in Romania? <lol> "John Poulos" wrote... > I suspect it's some 15 year old, say in Romania, just crashing any sites > he finds with a security hole, nothing to do with the content of the site. [quoted text clipped - 5 lines] >> chance >> to make a personal visit. It's pretty easy to use a search engine to find a versions of phpBB that are open to attack, add to that the php 4.3.4 security flaws, and getting admin access to a pre phpBB 2.0.15 board is pretty easy. A lot of hosting services are still using php 4.3.4, and that makes most of the hosted sties vulnerable to various kinds of exploits. If you are using a php based scripts on a public web site, you must A) make sure that your host has updated to either php 4.3.11 or 5.0.3 B) keep the patch level of you php application (if not self written) up to date. C) monitor the php security groups, so you have notice of the issues (the script kiddies do) Paul Driver. see http://www.hardened-php.net/advisories/012004.txt > I suspect it's some 15 year old, say in Romania, just crashing any > sites he finds with a security hole, nothing to do with the content of [quoted text clipped - 7 lines] >> chance >> to make a personal visit. SignatureWTF is Oujdeivß? http://bible.crosswalk.com/Lexicons/Greek/grk.cgi?number=3762&version=kjv to contact me try Oudeis via softhome.net Actually, a lot of hacker write scripts that search automatically through the internet, looking for these type of PHPbb forums. Once they find one, it automatically uploads their hack folder into one of the PHPbb directories, and starts gathering email addresses from the site and the users of the forum, in order to send out spam. Lew > I suspect it's some 15 year old, say in Romania, just crashing any > sites he finds with a security hole, nothing to do with the content of [quoted text clipped - 4 lines] >> keep our ears open and maybe we'll hear something. Maybe we'll get a chance >> to make a personal visit. Signature(to reply by email, remove the "nospam" part in my return address) I replaced the AOAI forum with everything we had before the hacker damaged it, but we just lost a number of tech talk stuff and other postings. The free PHPbb forums that are so popular are really dangerous for sites to use. Many of the hackers use this free forum to send spam mail and viruses without being traced, as well as phishing expeditions to steal users financial information. (Phishing is the internet term for these fake PayPal, Citibank and other sites that trick people into thinking their legitimate banking accounts were compromised and tricked into sending their account numbers and passwords. A REAL financial institution will NEVER ask for personal information through email.) John and others: if you want a really secure, PHP-based forum, two to try are Invisionboard http://www.invisionboard.com and Vbulletin at http://www.vbulletin.com They both have a one-time fee of about $160 or $180, are easy to set up and customize and are pretty much hacker free. For the fee you pay, it entitles you to updates as they are released to keep the Phishers and hackers at bay. They are very secure. Lew > the aoai.org forum was hacked a few months ago in a similar manner. > that forum is using the same php as stude.com. someone is surely [quoted text clipped - 22 lines] >>> 55 Speedster >>> 50 2R 10 truck Signature(to reply by email, remove the "nospam" part in my return address) This is a pretty good idea, but these are still phpBB based, and invision suffered a PHP security flaw as well. Management of these products still requires a bit of PHP/SQL ability. Paul. > I replaced the AOAI forum with everything we had before the hacker > damaged it, but we just lost a number of tech talk stuff and other [quoted text clipped - 37 lines] >>>> out of pocket. I guess I could put up a few paid vendor banners, just >>>> not sure what I'll do yet. SignatureWTF is Oujdeivß? http://bible.crosswalk.com/Lexicons/Greek/grk.cgi?number=3762&version=kjv to contact me try Oudeis via softhome.net Culprit?? How kind! I think a.shole is somewhat more appropriate! > Can you trace the culprit? > [quoted text clipped - 15 lines] > > 55 Speedster > > 50 2R 10 truck They got my guestbook on my site (again) and this time rather than fight, I simply shut it down. Shame huh? Rob Signaturehttp://www.robswoodworking.com > A hacker crashed most of my forums, not sure if I can afford to leep > them up. I've been quoted $250 to fix the forums and make them secure, [quoted text clipped - 3 lines] > out of pocket. I guess I could put up a few paid vendor banners, just > not sure what I'll do yet. Go for the vendors. Whatever you charge them will be damned cheap compared to what display ads cost in Hemmings. If they have web sites, give them a live link to their site. As an owner, I can never have too many vendors to choose from. Every time I find a new vendor, he goes in my "favorites" list. ( I use MS IE.) > A hacker crashed most of my forums, not sure if I can afford to leep > them up. I've been quoted $250 to fix the forums and make them secure, [quoted text clipped - 3 lines] > out of pocket. I guess I could put up a few paid vendor banners, just > not sure what I'll do yet. |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.